ISP filtering port 25

Ben Walton bdwalton-Re5JQEeQqe8AvxtiuMwx3w at public.gmane.org
Mon Mar 17 16:26:26 UTC 2014


On Mon, Mar 17, 2014 at 4:01 PM, Lennart Sorensen
<lsorense-1wCw9BSqJbv44Nm34jS7GywD8/FfD2ys at public.gmane.org> wrote:
> On Sun, Mar 16, 2014 at 08:03:41AM +0000, Ben Walton wrote:
>> This implies that you're trying to send mail either directly from your
>> machine to the world or are using a non-ISP provided mail service.
>>
>> If it's the former stop it. :)
>>
>> You really don't want to do direct to port 25 unless you're a proper mail
>> server. If you're doing this on your home internet connection, you don't
>> count.
>>
>> If it's the latter, I recommend doing this for many reasons. Any mail
>> service provider worth using will listen on TCP/587 and require TLS+auth
>> for outbound relay through this port.
>>
>> (I used to feel quite indignant about this myself. A few years of dealing
>> with the type of crap that originates from ISP networks running a mail
>> service that people cared about changed this view.)
>
> So according to you people are not allowed to run a mail server for
> their own domain anymore unless they are an ISP?

No, that's not what I'm saying. Change "not allowed to" to shouldn't.
Anyone capable of running a mail server properly doesn't need port 25
egress and those that aren't capable shouldn't. I'd argue that lists
like http://www.dnsbl.info/dnsbl-details.php?dnsbl=dul.dnsbl.sorbs.net
are very useful. Again, if you're clued in, you're perfectly able to
relay mail out using TLS and authentication. If not...well, you
probably shouldn't be sending the mail out.

ISP's are doing the internet in general a favour by blocking this
port. It provides such an incredibly low signal to noise ratio that
blocking it to prevent spambots is the right choice. (ISP's blocking
_inbound_ tcp/25 is a different matter.)

That's not to say it's without cost...it is unfortunate and I'd prefer
a network where this isn't required. That said, I'm a realist and the
genie is out of the bottle.


Thanks
-Ben
-- 
---------------------------------------------------------------------------------------------------------------------------
Take the risk of thinking for yourself.  Much more happiness,
truth, beauty and wisdom will come to you that way.

-Christopher Hitchens
---------------------------------------------------------------------------------------------------------------------------
--
The Toronto Linux Users Group.      Meetings: http://gtalug.org/
TLUG requests: Linux topics, No HTML, wrap text below 80 columns
How to UNSUBSCRIBE: http://gtalug.org/wiki/Mailing_lists





More information about the Legacy mailing list